DDoS Attacks Increase, IoT Risks Growing

Wednesday, April 27, 2016 @ 12:04 PM gHale

The cliché around the industry is not if, but when you end up attacked and in today’s technologically evolving workplace, it appears that is the case, according to a just-released survey.

More organizations worldwide are suffering from distributed denial of service (DDoS) attacks, according to a survey of over 1,000 IT professionals across six continents from security provider, Neustar.

With that in mind, DDoS-defense focused organizations are now protecting themselves with much better strategies.

The research results show although revenue loss caused by a DDoS related outage is usually the main concern, 57 percent of all breaches involved some sort of theft including intellectual property and customer data as well as financial information. Following the initial breach, 45 percent of organizations reported the installation of a virus or malware – a sign attackers want to come back to cause more issues.

The research highlights although DDoS attack tactics continue to evolve from single large attacks intended to take a website offline to the multi-vector attacks we are seeing today, organizations are fighting back. The survey found 76 percent of companies are investing more in DDoS protection than in 2014 and 47 percent of the attacked organizations are participating in security consortiums to share information on threats and counter measures.

Other key findings include:
• 73 percent of global brands and organizations were attacked, which should put virtually every organization with a digital presence on notice.
• 82 percent of organizations experiencing a DDoS attack were then attacked repeatedly, with 45 percent reporting they were attacked 6 or more times.
• 57 percent of organizations reported theft after attack, including loss of customer data, finances or intellectual property.
• 50 percent of organizations would lose at least $100,000 per hour in a peak-time DDoS related outage (33 percent would lose more than $250,000 per hour), and 42% needed at least three hours to detect they were under DDoS attack.

In addition to examining DDoS trends of 2015, the survey also asked respondents to consider the future for companies deploying IoT connected devices.

The survey found while 63 percent of companies have IoT devices already deployed only 34 percent have security measures in place, indicating the IoT is opening up new threat vectors but too few organizations focus on preventing connected devices from suffering a compromise.

“By 2017, 81 percent of organizations will have devices deployed to collect and analyze data so today, we have the opportunity to learn from our mistakes and make security a cornerstone of every IoT device moving forward. From design conception, every IoT device, sensor, and software system needs a multi-tiered security driven approach, including timely patches and updates. Just as important, or perhaps more so, is for security to be an intrinsic part of every network. As IoT devices continue to become ingrained into our electrical grid, hospitals, assembly lines and other essential areas of life, the stakes are simply too high to leave security to chance,” said Hank Skorny, Neustar IoT expert.